The following relates to the machine classification arts, embedded system arts, automotive network analysis arts, and related arts.
Vehicles (automobiles, trucks, watercraft, aircraft, et cetera) are increasingly utilizing embedded electronic systems. In the automotive context, embedded system units are usually referred to as Electronic Control Units (ECUs), and are commonly networked on a Controller Area Network bus (CAN bus). In a typical communication protocol, a message includes a header, typically including a message identifier (arbitration ID) followed by a network identifier (network ID) then followed by a set of data bytes (e.g. 8 bytes=64 bits). In some standard automotive CAN bus architectures, the header is 11 bits (2048 possible IDs) or 29 bits (˜500 million possible IDs). Collisions are arbitrated by prioritizing the ID with the most leading zeros; the lower priority message is then re-sent after a specified delay.
There is an expectation in the automotive industry (supported by governmental regulations in some instances) that the CAN bus architecture should be “open” in the sense that third-party manufacturers should be able to provide ECU-equipped components that can connect with an existing CAN bus. This creates a potential entry point for exploitation and challenges in providing CAN bus security against inadvertent glitches and intentional intrusion (e.g. hacking of an ECU or of the entire CAN bus network). Likewise, there are several new entry points for exploitation and pose challenges. A few examples of vulnerable entry points are the tire pressure monitoring system (TPMS), RADAR, LIDAR, camera, on-board diagnostics (e.g. OBD-II), USB, Bluetooth, Wifi enabled on-vehicle hotspots, and cellular connections. The consequences of an unintentional glitch or intentional hack can range from very minor (e.g. the car stereo volume decreasing) to very serious (e.g. loss of vehicle braking, uncontrolled engine acceleration, or aircraft flight control interference).